xmrig
First submission 2024-09-03 12:28:04
File details
File type: | ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=989c8e3124a392451d99d52d4ffe7c9e75b887f2, stripped |
Mime type: | application/x-executable |
File size: | 8091.23 KB (8285424 bytes) |
MD5: | 7429d24207b100f6c164bf4703b5941e |
SHA1: | a7fad4de1ce0ed2c137c09d4bf9fe7276555f4a0 |
SHA256: | 72ac2877c9e4cd7d70673c0643eb16805977a9b8d55b6b2e5a6491db565cee1f |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
Virus Total: | 42/79 VT report date: 2024-08-29 10:15:04 |
Malware Type 3 | miner trojan pua |
Threat Type 3 | malxmr nezaa usblea24 |
URLs, FQDN and IP indicators 1
Strings analysis - File found
Executable |
lib%s.so |
XML |
topology.xml |
Strings analysis - Possible IPs found 25
Strings analysis - Possible URLs found 7
https://gcc.gnu.org/bugsrg/bugs/): |
https://xmrig.com/wizard |
https://xmrig.com/docs/algorithms |
http:// |
https://xmrig.com/benchmark/%s |
https:// |
http://%s |